ugRR.pdb
Static task
static1
Behavioral task
behavioral1
Sample
20220830_Proteco_PTE.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
20220830_Proteco_PTE.exe
Resource
win10v2004-20241007-en
General
-
Target
20122024_0925_17122024_20220830_Proteco_PTE.rar
-
Size
563KB
-
MD5
7fffc2822017fc7be6ac0e208955debc
-
SHA1
09283cc60541cd9aeac43ab8cac905281fe735fb
-
SHA256
14cab2ee5ae251656fcd3cb620ff766993adeec2168698db4947db4df5e9711b
-
SHA512
055c8e1d90c5be9195caae9b8ce5b34f02187483b9d12bda22533887a252aa21da2dde91a6ccd64cb065c037f02a6318bd3f0148c5837d84999215cef7b76343
-
SSDEEP
12288:gq9i88sH1vexSzMIOpZVTyt/JhnrFJBO7BTdaqpVZGTJZm:piWZeKUpfOt/zZJEdaq8TJZm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/20220830_Proteco_PTE.exe
Files
-
20122024_0925_17122024_20220830_Proteco_PTE.rar.rar
Password: infected
-
20220830_Proteco_PTE.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 732KB - Virtual size: 731KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ